Android users…Beware of LeakerLocker

After WannaCry, Petya ransomware and SambaCry, a scary new strain of ransomware is spreading via bogus apps on the Google Play Store, this time targeting Android mobile users.

Dubbed LeakerLocker, the Android ransomware does not encrypt files on victim’s device, unlike traditional ransomware, rather it secretly collects personal images, messages and browsing history and threatens to share it to their contacts if they don’t pay.

According to McAfee, the apps Wallpapers Blur HD and Booster & Cleaner Pro both carry the threat, which has the potential to cause extreme embarrassment.

LeakerLocker locks the home screen and accesses private information in the background, thanks to its victims granting permissions at installation time,” said McAfee.

“Not all the private data that the malware claims to access is read or leaked. The ransomware can read a victim’s email address, random contacts, Chrome history, some text messages and calls, pick a picture from the camera, and read some device information.”

Both apps have been reported to Google, which is investigating.

‘LeakerLocker claims to have made an unauthorised backup of a phone’s sensitive information that could be leaked to a user’s contacts unless it receives ‘a modest ransom’.

Users who do install the malware will see a pop-up message that contains details of the data it claims to have stolen.
It also holds instructions of how to pay the ransom to ensure the information is deleted.

It reads:

All personal data from your smartphone has been transfered to our secure cloud.

In less than 72 hours this data will be sent to every person from your telephone and email contacts list.

To abort this action you have to pay a modest ransom of $50 (£38).

Please note that there is no way to delete your data from our secure but paying for them (sic).

Do not pay the Ransom! Doing so motivates cyber criminals to carry out similar attacks, and there is also no guarantee that the stolen information will be deleted by the hackers from their server and will not be used to blackmail victims again.

About Prasad 58 Articles
Prasad Paul is a Technical Writer, Security Blogger, Network Engineer and IT Analyst. He is a Technology Enthusiast with a keen eye on the Cyberspace and other tech related developments.